Pam and multiple requiste satements!
Mike Woods
Mike at the-rubber-chicken-network.co.uk
Wed Oct 5 10:21:43 PDT 2005
Im trying to configure pam to auth *twice* with pam_ldap (since pam_ldap
seems incapable of using multiple filters), anyway i have the pam conf
file listed below but even if I set either of the queried attributes to
false (basicly using 2 queries for access control) it seems that as long
as one of them authenticates properly then it goes through as ok, I had
looked at using pam_if with pam_deny as another way of doing this but
pam_if seems to have gone away long ago.
So, the question, is there any I can force pam to authticate against
both of these and fail if either does ?
auth requisite
/mail/pam_ldap/enabled/lib/pam_ldap.so debug
auth requisite
/mail/pam_ldap/imap/lib/pam_ldap.so debug use_first_pass
account required
/mail/pam_ldap/imap/lib/pam_ldap.so no_warn
Both instances of pam_ldap are configured to use seperate config files
with different pam_filter settings.
---------------------
Mike Woods
Systems Administrator
More information about the freebsd-questions
mailing list